diff options
| author |   Pawan Badganchi <badganchipv@gmail.com> | 2022-06-13 19:18:15 +0530 |
|---|---|---|
| committer |   Steve Sakoman <steve@sakoman.com> | 2022-06-13 06:21:32 -1000 |
| commit | 179b862e97d95ef57f8ee847e54a78b5f3f52ee7 (patch) | |
| tree | 243271f578bc27a13c9120bc71987701f6b8f75b /meta/recipes-connectivity/openssh | |
| parent | cc657868d31cc8b4218a07aa10fa098c379e473c (diff) | |
| download | openembedded-core-contrib-179b862e97d95ef57f8ee847e54a78b5f3f52ee7.tar.gz | |
openssh: Whitelist CVE-2021-36368
As per debian, the issue is fixed by a feature called
"agent restriction" in openssh 8.9.
Urgency is unimportant as per debian, Hence this CVE is whitelisting.
Link:
https://security-tracker.debian.org/tracker/CVE-2021-36368
https://bugzilla.mindrot.org/show_bug.cgi?id=3316#c2
https://docs.ssh-mitm.at/trivialauth.html
Signed-off-by: Pawan Badganchi <badganchipv@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/recipes-connectivity/openssh')
| -rw-r--r-- | meta/recipes-connectivity/openssh/openssh_8.2p1.bb | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb index ddc9ed0b32..eaec26cac0 100644 --- a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb @@ -60,6 +60,13 @@ CVE_CHECK_WHITELIST += "CVE-2008-3844" # https://ubuntu.com/security/CVE-2016-20012 CVE_CHECK_WHITELIST += "CVE-2016-20012" +# As per debian, the issue is fixed by a feature called "agent restriction" in openssh 8.9 +# Urgency is unimportant as per debian, Hence this CVE is whitelisting. +# https://security-tracker.debian.org/tracker/CVE-2021-36368 +# https://bugzilla.mindrot.org/show_bug.cgi?id=3316#c2 +# https://docs.ssh-mitm.at/trivialauth.html +CVE_CHECK_WHITELIST += "CVE-2021-36368" + PAM_SRC_URI = "file://sshd" inherit manpages useradd update-rc.d update-alternatives systemd |